Reputation: 2246
Using simple function:
mysqli_query($link, 'update table set field = \'variable text with \" slash\' ');
$res = mysqli_query($link, 'select field from table');
$res = mysqli_fetch_array($res);
when printing the result I have string without slash like: 'variable text with " slash'. When I preview the table in my localhost mysql client (SequelPro) I see that there are no slash also. Is it normal that mysql is removing this slash on insert automaticaly? Is it a way to prevent this? I need this slash there. Also I cannot use addslashes later after getting the value from db. Magic quotes are disabled on my php server.
Upvotes: 2
Views: 4281
Reputation: 10618
This is because PHP is escaping the "
. You need to escape the backslash too, like this:
mysqli_query($link, 'update table set field = \'variable text with \\\" slash\' ');
Or you could use addslashes().
$query = addslashes('update table set field = \'variable text with \" slash\' ')
mysqli_query($link, $query);
Upvotes: 2
Reputation: 37243
you have to use double slach \\
try that:
mysqli_query($link, "update table set field = 'variable text with \\" slash' ");
Upvotes: 1
Reputation: 7517
I assume you want to keep the second backslash, as the first and third are needed to escape the single quotes. To keep the backslash, simply escape the backslash:
mysqli_query($link, 'update table set field = \'variable text with \\" slash\' ');
You don't need to escape the double quote because this string is enclosed by single quotes.
Upvotes: 1
Reputation: 4052
The slashes you are adding are used to escape the quotes in the php string. You should add 3 slashes \\\"
so that the first two make a backslash and the third one escapes the quote.
Upvotes: 8